<?php
include "header.php";
include "mysqli_connection.php";

if (!isset($_SESSION["username"])){
	echo "<script>window.location.href='login.php'</script>";
}
else{
?>
<script>change_picture("admin");</script>
<script>
function jump(){
	window.location.href='managecourses.php';
}
window.setTimeout("jump();",3000);
</script>
<div>
<?php
	if (isset($_POST["c_id"]) && $_POST["c_id"] !== ""){
		$c_id = $mysqli->real_escape_string(trim($_POST["c_id"]));
		if ($c_id == 0){
			$query = "INSERT INTO Courses (prefix, number, title, professor) VALUES (?, ?, ?, ?);";
			$stmt = $mysqli->stmt_init();
			if ($stmt = $mysqli->prepare($query)){
				$stmt->bind_param("siss", trim($_POST["prefix"]), trim($_POST["number"]), trim($_POST["title"]), trim($_POST["professor"]));
				if (!$stmt->execute()){
					echo "Insert failed! ";
				}
				else{
					echo "Insert Succeed! ";
				}
				$stmt->close();
			}
		}
		else{
			$query = "UPDATE Courses SET prefix = ?, number = ?, title = ?, professor = ? WHERE c_id = ?;";
			$stmt = $mysqli->stmt_init();
			if ($stmt = $mysqli->prepare($query)){
				$stmt->bind_param("sissi", trim($_POST["prefix"]), trim($_POST["number"]), trim($_POST["title"]), trim($_POST["professor"]), $c_id);
				if (!$stmt->execute()){
					echo "Update failed! ";
				}
				else{
					echo "Update Succeed! ";
				}
				$stmt->close();
			}
		}
	}
?>
Jumping to manage courses page in 3 seconds...<br />
<a href="managecourses.php">Click here to jump immediately</a>
</div>

<?php
}
include "footer.php";